Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/ksmHB8Lfdmf4KSuDsC_Eem7TjDc.roa
File: ksmHB8Lfdmf4KSuDsC_Eem7TjDc.roa (raw, json)
Hash identifier: dHpBcOwA49ox5B6jt/VPylw47D9t305qQs1zYgAaubU=
Subject key identifier: 92:C9:87:07:C2:DF:76:67:F8:29:2B:83:B0:2F:C4:7A:6E:D3:8C:37
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018AF754CA27A7D4BFEA5A52AF4ED12E8405
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/ksmHB8Lfdmf4KSuDsC_Eem7TjDc.roa
Signing time: Tue 03 Oct 2023 20:57:23 +0000
ROA not before: Tue 03 Oct 2023 20:57:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.145.152.0/24 maxlen: 24
45.145.154.0/23 maxlen: 24
80.83.88.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f7:54:ca:27:a7:d4:bf:ea:5a:52:af:4e:d1:2e:84:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Oct 3 20:57:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92c98707c2df7667f8292b83b02fc47a6ed38c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:44:21:ab:7f:37:34:1a:db:3d:08:85:e2:e5:
d0:5f:ae:21:19:8b:8b:4b:5c:c3:0b:fa:59:04:68:
e9:61:e2:c9:a3:37:84:d2:99:e5:a3:6b:fc:c8:d1:
5c:15:a0:b9:79:cb:89:7c:df:cd:dd:8e:5a:06:00:
ba:19:fe:4c:80:3f:a5:40:c4:f4:29:d6:54:3a:85:
f7:d4:2b:28:3e:14:28:8c:90:79:40:bd:15:ea:eb:
74:af:2d:30:ab:9c:7d:30:f4:64:f4:72:be:22:27:
83:b9:80:78:4c:52:e9:ed:f1:cd:91:c4:4f:75:41:
64:58:82:4a:95:19:e5:78:d1:7e:49:af:16:05:fe:
83:dd:c2:ff:cb:e4:a3:a3:eb:58:c5:8e:0f:f3:ce:
34:6f:af:b8:73:d3:fb:24:b2:bd:9e:d8:e4:f0:de:
9e:18:c4:cb:67:48:80:b2:78:b4:ea:e0:ce:09:91:
06:9a:fb:79:5a:e5:b2:fb:97:3f:01:69:1c:20:0d:
da:dd:da:09:ed:00:25:9b:e6:be:50:bd:a6:39:84:
20:87:d6:8d:35:b1:8d:0f:24:af:8c:db:60:75:eb:
c3:31:e6:d3:a6:6a:37:0b:8e:94:00:81:9f:62:70:
1a:dc:8f:6c:d4:e9:6e:58:ce:7d:bd:f0:30:df:49:
98:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C9:87:07:C2:DF:76:67:F8:29:2B:83:B0:2F:C4:7A:6E:D3:8C:37
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/ksmHB8Lfdmf4KSuDsC_Eem7TjDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.152.0/24
45.145.154.0/23
80.83.88.0/23
Signature Algorithm: sha256WithRSAEncryption
41:fa:59:0c:ee:46:5c:59:17:55:9e:f8:b6:4b:1f:d0:af:16:
3f:c6:fa:a9:d1:d7:ef:d3:f7:18:26:02:42:c9:2a:ca:4c:1f:
d2:55:b0:d6:48:b2:81:ed:db:d5:63:72:8a:fc:3c:e7:45:67:
54:76:72:20:45:1a:d6:ee:1c:dc:66:d7:ce:23:1a:db:d5:6b:
af:7f:57:09:5a:65:fd:b9:d5:19:e6:fa:2c:bc:27:d6:1a:01:
50:c7:04:ff:ad:cb:f0:c4:b4:96:b9:a9:be:92:89:b3:46:ba:
8c:f1:8d:9d:17:42:68:da:88:c4:ab:a8:1c:53:7c:a0:07:77:
87:99:fc:1b:6f:36:9c:ac:e3:8f:e7:ff:a4:c9:9c:f6:cb:f0:
5a:ef:79:eb:45:30:7c:7a:9c:25:30:c8:06:f4:c6:0b:11:89:
5b:1e:10:a3:13:59:c9:18:cc:77:7a:ac:14:d3:43:49:6c:e7:
16:4f:5e:3f:fb:97:80:2e:ee:c1:af:18:d6:2d:9d:76:79:03:
b0:d4:fe:2d:9a:87:7e:84:98:99:6d:c3:a0:84:71:f1:dd:e1:
f7:da:25:e9:21:08:54:60:5e:2b:b7:e0:78:89:c4:56:24:6f:
bd:18:7c:d7:98:79:5a:d3:3c:ec:5d:4f:44:5a:95:65:df:e1:
ea:88:e0:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr3VMonp9S/6lpSr07RLoQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMxMDAzMjA1NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM5ODcwN2MyZGY3NjY3ZjgyOTJiODNiMDJmYzQ3YTZlZDM4YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20Qhq383NBrbPQiF4uXQX64hGYuL
S1zDC/pZBGjpYeLJozeE0pnlo2v8yNFcFaC5ecuJfN/N3Y5aBgC6Gf5MgD+lQMT0
KdZUOoX31CsoPhQojJB5QL0V6ut0ry0wq5x9MPRk9HK+IieDuYB4TFLp7fHNkcRP
dUFkWIJKlRnleNF+Sa8WBf6D3cL/y+Sjo+tYxY4P8840b6+4c9P7JLK9ntjk8N6e
GMTLZ0iAsni06uDOCZEGmvt5WuWy+5c/AWkcIA3a3doJ7QAlm+a+UL2mOYQgh9aN
NbGNDySvjNtgdevDMebTpmo3C46UAIGfYnAa3I9s1OluWM59vfAw30mY3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJLJhwfC33Zn+Ckrg7AvxHpu04w3MB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEva3NtSEI4TGZkbWY0S1N1RHNDX0VlbTdUakRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZGYAwQB
LZGaAwQBUFNYMA0GCSqGSIb3DQEBCwUAA4IBAQBB+lkM7kZcWRdVnvi2Sx/QrxY/
xvqp0dfv0/cYJgJCySrKTB/SVbDWSLKB7dvVY3KK/DznRWdUdnIgRRrW7hzcZtfO
Ixrb1Wuvf1cJWmX9udUZ5vosvCfWGgFQxwT/rcvwxLSWuam+komzRrqM8Y2dF0Jo
2ojEq6gcU3ygB3eHmfwbbzacrOOP5/+kyZz2y/Ba73nrRTB8epwlMMgG9MYLEYlb
HhCjE1nJGMx3eqwU00NJbOcWT14/+5eALu7BrxjWLZ12eQOw1P4tmod+hJiZbcOg
hHHx3eH32iXpIQhUYF4rt+B4icRWJG+9GHzXmHla0zzsXU9EWpVl3+HqiOBp
-----END CERTIFICATE-----
Generated at Wed Oct 4 21:34:27 2023 by rpki-client on console-ams.rpki-client.org